covidtripinsurance.com Open in urlscan Pro
107.180.90.160 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://covidtripinsurance.com/
Submission: On October 23 via automatic, source certstream-urgent (October 23rd 2021, 1:15:59 pm UTC) — Scanned from DE

Summary HTTP 39 Redirects Links 11 Behaviour Indicators

Summary

This website contacted 12 IPs in 1 countries across 14 domains to perform 39 HTTP transactions. The main IP is 107.180.90.160, located in Scottsdale, United States and belongs to AS-26496-GO-DADDY-COM-LLC, US. The main domain is covidtripinsurance.com.
TLS certificate: Issued by cPanel, Inc. Certification Authority on October 23rd 2021. Valid for: 3 months.

This is the only time covidtripinsurance.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
5	107.180.90.160 107.180.90.160	26496 (AS-26496-...) (AS-26496-GO-DADDY-COM-LLC)
4	172.217.23.104 172.217.23.104	15169 (GOOGLE) (GOOGLE)
2	142.250.185.168 142.250.185.168	15169 (GOOGLE) (GOOGLE)
2	142.250.185.78 142.250.185.78	15169 (GOOGLE) (GOOGLE)
1 4	172.67.171.243 172.67.171.243	13335 (CLOUDFLAR...) (CLOUDFLARENET)
13	172.67.201.252 172.67.201.252	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	172.217.16.138 172.217.16.138	15169 (GOOGLE) (GOOGLE)
1	104.16.19.94 104.16.19.94	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	142.250.186.130 142.250.186.130	15169 (GOOGLE) (GOOGLE)
1	142.250.186.99 142.250.186.99	15169 (GOOGLE) (GOOGLE)
1	172.217.23.100 172.217.23.100	15169 (GOOGLE) (GOOGLE)
39	12

5 107.180.90.160 (Scottsdale, United States)

ASN26496 (AS-26496-GO-DADDY-COM-LLC, US)
PTR: ip-107-180-90-160.ip.secureserver.net

covidtripinsurance.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.217.23.104 (United States)

ASN15169 (GOOGLE, US)
PTR: mil04s23-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.168 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f8.1e100.net

ssl.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.78 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f14.1e100.net

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.67.171.243 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www.covidchecker.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 172.67.201.252 (United States)

ASN13335 (CLOUDFLARENET, US)

www.sitata.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.16.138 (United States)

ASN15169 (GOOGLE, US)
PTR: zrh04s06-in-f138.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.16.19.94 (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.99 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.23.100 (United States)

ASN15169 (GOOGLE, US)
PTR: mil04s23-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
13	sitata.com www.sitata.com	4 MB
5	covidtripinsurance.com covidtripinsurance.com	105 KB
4	covidchecker.com 1 redirects www.covidchecker.com	45 KB
4	google-analytics.com ssl.google-analytics.com www.google-analytics.com	37 KB
4	googletagmanager.com www.googletagmanager.com	157 KB
1	google.com www.google.com	519 B
1	gstatic.com fonts.gstatic.com	44 KB
1	doubleclick.net googleads.g.doubleclick.net	2 KB
1	googleadservices.com www.googleadservices.com	15 KB
1	cloudflare.com cdnjs.cloudflare.com	16 KB
1	googleapis.com fonts.googleapis.com	1 KB
0	sharethis.com Failed w.sharethis.com Failed
0	tripinsurancestore.com Failed www.tripinsurancestore.com Failed
0	officeofstrategicinfluence.com Failed officeofstrategicinfluence.com Failed
39	14

	Domain	Requested by
13	www.sitata.com	www.covidchecker.com www.sitata.com cdnjs.cloudflare.com covidtripinsurance.com
5	covidtripinsurance.com	covidtripinsurance.com
4	www.covidchecker.com	1 redirects covidtripinsurance.com www.covidchecker.com
4	www.googletagmanager.com	covidtripinsurance.com www.covidchecker.com www.googletagmanager.com
2	www.google-analytics.com	www.googletagmanager.com
2	ssl.google-analytics.com	covidtripinsurance.com
1	www.google.com	www.covidchecker.com
1	fonts.gstatic.com	fonts.googleapis.com
1	googleads.g.doubleclick.net	www.googleadservices.com
1	www.googleadservices.com	www.googletagmanager.com
1	cdnjs.cloudflare.com	www.covidchecker.com
1	fonts.googleapis.com	www.covidchecker.com
0	w.sharethis.com Failed	covidtripinsurance.com
0	www.tripinsurancestore.com Failed	covidtripinsurance.com
0	officeofstrategicinfluence.com Failed	covidtripinsurance.com
39	15

This site contains links to these domains. Also see Links.

Domain
worldwidetravelhealthinsurance.com
tripinsurancestore.com
purchase.imglobal.com
www.bbb.org
www.tripinsurancestore.com
officeofstrategicinfluence.com

Subject Issuer	Validity	Valid
covidtripinsurance.com cPanel, Inc. Certification Authority	`2021-10-23` - `2022-01-21`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-02-19` - `2022-02-18`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://covidtripinsurance.com/
Frame ID: 398F3E0FEDF1D4B40B6C4455374EA067
Requests: 13 HTTP requests in this frame

Frame: https://www.covidchecker.com/de/embed
Frame ID: A923F4839D292285013EDA30F55B54D3
Requests: 22 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Covid Trip Insurance Coverage for USA Residents - Covid Trip Insurance Coverage Covid Trip Insurance Coverage

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Rollbar (Issue trackers) Expand

Overall confidence: 100%
Detected patterns

rollbar\.js/([0-9.]+)

Yoast SEO (SEO) Expand

Overall confidence: 100%
Detected patterns

<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Modernizr (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

([\d.]+)?/modernizr(?:\.([\d.]+))?.*\.js

Page Statistics

39
Requests

90 %
HTTPS

0 %
IPv6

14
Domains

15
Subdomains

12
IPs

1
Countries

4665 kB
Transfer

8086 kB
Size

8
Cookies

11 Outgoing links

These are links going to different origins than the main page.

URL: https://worldwidetravelhealthinsurance.com/
Title: All IMG plans

Search URL Search Domain Scan URL

URL: https://tripinsurancestore.com/get-a-quote.php
Title: Trip Cancellation plans

Search URL Search Domain Scan URL

URL: https://tripinsurancestore.com/blog/
Title: Steve's WSJ Rec Blog

Search URL Search Domain Scan URL

URL: https://tripinsurancestore.com/
Title: Trip Cancellation Insurance:

Search URL Search Domain Scan URL

URL: https://tripinsurancestore.com/trusted-travel-insurance-providers/
Title: the companies

Search URL Search Domain Scan URL

URL: https://purchase.imglobal.com/Quote/Patriot/pre-quote?imgac=21039
Title: Patriot Travel Medical Insurance

Search URL Search Domain Scan URL

URL: https://purchase.imglobal.com/Quote/Patriot_Platinum/pre-quote?imgac=21039
Title: Patriot Platinum Travel Medical Insurance

Search URL Search Domain Scan URL

URL: http://www.bbb.org/kansas-city/business-reviews/insurance-travel/tripinsurancestorecom-in-lees-summit-mo-99152247#sealclick

Search URL Search Domain Scan URL

URL: http://www.tripinsurancestore.com/email.php
Title: steve [at] tripinsurancestore.com

Search URL Search Domain Scan URL

URL: http://www.tripinsurancestore.com/
Title: TripInsuranceStore.com

Search URL Search Domain Scan URL

URL: http://officeofstrategicinfluence.com/spam/

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 5

https://covidtripinsurance.com/sendlink.js HTTP 302
https://covidtripinsurance.com/404-page/ HTTP 302
https://covidtripinsurance.com/404-page/ HTTP 302
https://covidtripinsurance.com/404-page/ HTTP 302
https://covidtripinsurance.com/404-page/ HTTP 302
https://covidtripinsurance.com/404-page/ HTTP 302
https://covidtripinsurance.com/404-page/ HTTP 302
https://covidtripinsurance.com/404-page/ HTTP 302
https://covidtripinsurance.com/404-page/ HTTP 302
https://covidtripinsurance.com/404-page/ HTTP 302
https://covidtripinsurance.com/404-page/ HTTP 302
https://covidtripinsurance.com/404-page/ HTTP 302
https://covidtripinsurance.com/404-page/ HTTP 302
https://covidtripinsurance.com/404-page/ HTTP 302
https://covidtripinsurance.com/404-page/ HTTP 302
https://covidtripinsurance.com/404-page/ HTTP 302
https://covidtripinsurance.com/404-page/ HTTP 302
https://covidtripinsurance.com/404-page/ HTTP 302
https://covidtripinsurance.com/404-page/ HTTP 302
https://covidtripinsurance.com/404-page/ HTTP 302
https://covidtripinsurance.com/404-page/

Request Chain 11

https://www.covidchecker.com/embed HTTP 302
https://www.covidchecker.com/de/embed

39 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
covidtripinsurance.com/ 14 KB
15 KB 559ms
362ms Document
text/html 107.180.90.160
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to

Full URL: https://covidtripinsurance.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 107.180.90.160 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS: ip-107-180-90-160.ip.secureserver.net
Software: Apache /
Resource Hash: 8a3025e947db937ea24d20d2b65a63f158e538d55c13ac40a739df4ca7c968c8

Request headers

Host: covidtripinsurance.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

Date: Sat, 23 Oct 2021 13:15:46 GMT
Server: Apache
Link: <https://covidtripinsurance.com/wp-json/>; rel="https://api.w.org/", <https://covidtripinsurance.com/wp-json/wp/v2/pages/9>; rel="alternate"; type="application/json", <https://covidtripinsurance.com/>; rel=shortlink
Cache-Control: max-age=0, no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK style.css
covidtripinsurance.com/wp-content/themes/covtheme/ 2 KB
3 KB 170ms
96ms Stylesheet
text/css 107.180.90.160
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to

Full URL: https://covidtripinsurance.com/wp-content/themes/covtheme/style.css
Requested by: Host: covidtripinsurance.com
URL: https://covidtripinsurance.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 107.180.90.160 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS: ip-107-180-90-160.ip.secureserver.net
Software: Apache /
Resource Hash: 0d6bc2d503071d585440d17b7e571db9a518a0d7c9a2300a51300466ddf61d22

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: covidtripinsurance.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Referer: https://covidtripinsurance.com/
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://covidtripinsurance.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 23 Oct 2021 13:15:46 GMT
Last-Modified: Mon, 28 Dec 2020 17:05:36 GMT
Server: Apache
Content-Type: text/css
Cache-Control: max-age=0, no-cache, no-store, must-revalidate
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 2480
Expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 124 KB
49 KB 58ms
37ms Script
application/javascript 172.217.23.104
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-W2XJHPRKL1

Requested by

Host: covidtripinsurance.com
URL: https://covidtripinsurance.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.104 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

ab56c639274731299ff532002a1cd568ab5f11e718747c1fd3669f66d54b7831

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://covidtripinsurance.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 23 Oct 2021 13:15:46 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 49440
x-xss-protection: 0
expires: Sat, 23 Oct 2021 13:15:46 GMT

GET
H/1.1 200
OK style.min.css
covidtripinsurance.com/wp-includes/css/dist/block-library/ 57 KB
57 KB 268ms
97ms Stylesheet
text/css 107.180.90.160
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to

Full URL: https://covidtripinsurance.com/wp-includes/css/dist/block-library/style.min.css?ver=5.7.3
Requested by: Host: covidtripinsurance.com
URL: https://covidtripinsurance.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 107.180.90.160 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS: ip-107-180-90-160.ip.secureserver.net
Software: Apache /
Resource Hash: 2cd9de3dd26246204749cff259bc34e8e6a47ae5d6e4528b9b28c75d68d50cde

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: covidtripinsurance.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Referer: https://covidtripinsurance.com/
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://covidtripinsurance.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 23 Oct 2021 13:15:46 GMT
Last-Modified: Tue, 06 Apr 2021 23:50:28 GMT
Server: Apache
Content-Type: text/css
Cache-Control: max-age=0, no-cache, no-store, must-revalidate
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 58171
Expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H/1.1 200
OK bbba.png
covidtripinsurance.com/graphics/ 15 KB
16 KB 102ms
101ms Image
image/png 107.180.90.160
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://covidtripinsurance.com/graphics/bbba.png
Requested by: Host: covidtripinsurance.com
URL: https://covidtripinsurance.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 107.180.90.160 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS: ip-107-180-90-160.ip.secureserver.net
Software: Apache /
Resource Hash: ba207641c91222be8312e1136dd574af40be3efbb81e8e40c58d9b75c5c972ed

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: covidtripinsurance.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://covidtripinsurance.com/
Cookie: __utma=70418050.1942696549.1634994947.1634994947.1634994947.1; __utmc=70418050; __utmz=70418050.1634994947.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1; __utmb=70418050.1.10.1634994947
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://covidtripinsurance.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Sat, 23 Oct 2021 13:15:46 GMT
Last-Modified: Mon, 28 Dec 2020 17:14:05 GMT
Server: Apache
Content-Type: image/png
Cache-Control: max-age=2592000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 15774

GET icon.png
officeofstrategicinfluence.com/spam/ 0
0

GET

/
covidtripinsurance.com/404-page/
Redirect Chain

https://covidtripinsurance.com/sendlink.js
https://covidtripinsurance.com/404-page/
https://covidtripinsurance.com/404-page/
https://covidtripinsurance.com/404-page/
https://covidtripinsurance.com/404-page/
https://covidtripinsurance.com/404-page/
https://covidtripinsurance.com/404-page/
https://covidtripinsurance.com/404-page/
https://covidtripinsurance.com/404-page/
https://covidtripinsurance.com/404-page/
https://covidtripinsurance.com/404-page/
https://covidtripinsurance.com/404-page/
https://covidtripinsurance.com/404-page/
https://covidtripinsurance.com/404-page/
https://covidtripinsurance.com/404-page/
https://covidtripinsurance.com/404-page/
https://covidtripinsurance.com/404-page/
https://covidtripinsurance.com/404-page/
https://covidtripinsurance.com/404-page/
https://covidtripinsurance.com/404-page/
https://covidtripinsurance.com/404-page/

0
0

GET
H2 200 ga.js Show response
ssl.google-analytics.com/ 45 KB
17 KB 30ms
7ms Script
text/javascript 142.250.185.168
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ssl.google-analytics.com/ga.js

Requested by

Host: covidtripinsurance.com
URL: https://covidtripinsurance.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.168 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f8.1e100.net

Software

Golfe2 /

Resource Hash

1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://covidtripinsurance.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 19 Oct 2021 16:47:48 GMT
server: Golfe2
age: 6447
date: Sat, 23 Oct 2021 11:28:19 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 17168
expires: Sat, 23 Oct 2021 13:28:19 GMT

GET
H2 200 __utm.gif
ssl.google-analytics.com/r/ 35 B
197 B 15ms
13ms Image
image/gif 142.250.185.168
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1070568773&utmhn=covidtripinsurance.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Covid%20Trip%20Insurance%20Coverage%20for%20USA%20Residents%20-%20Covid%20Trip%20Insurance%20Coverage%20Covid%20Trip%20Insurance%20Coverage&utmhid=148796464&utmr=-&utmp=%2F&utmht=1634994946910&utmac=UA-762717-4&utmcc=__utma%3D70418050.1942696549.1634994947.1634994947.1634994947.1%3B%2B__utmz%3D70418050.1634994947.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=368569288&utmredir=1&utmu=HAAAAAAAAAAAAAAAAAAAAAAE~

Requested by

Host: covidtripinsurance.com
URL: https://covidtripinsurance.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.168 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f8.1e100.net

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://covidtripinsurance.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 23 Oct 2021 13:15:46 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK wp-emoji-release.min.js Show response
covidtripinsurance.com/wp-includes/js/ 14 KB
14 KB 219ms
97ms Script
application/javascript 107.180.90.160
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to

Full URL: https://covidtripinsurance.com/wp-includes/js/wp-emoji-release.min.js?ver=5.7.3
Requested by: Host: covidtripinsurance.com
URL: https://covidtripinsurance.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 107.180.90.160 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS: ip-107-180-90-160.ip.secureserver.net
Software: Apache /
Resource Hash: 0c5f584d1ea2c3313dc8c55824c2a572d3cf2eae87c5ca62a58e598aec9ddb5c

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: covidtripinsurance.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://covidtripinsurance.com/
Cookie: __utma=70418050.1942696549.1634994947.1634994947.1634994947.1; __utmc=70418050; __utmz=70418050.1634994947.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1; __utmb=70418050.1.10.1634994947
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://covidtripinsurance.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 23 Oct 2021 13:15:47 GMT
Last-Modified: Wed, 06 Jan 2021 15:29:24 GMT
Server: Apache
Content-Type: application/javascript
Cache-Control: max-age=0, no-cache, no-store, must-revalidate
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 14229
Expires: Wed, 11 Jan 1984 05:00:00 GMT

GET status_image.php
www.tripinsurancestore.com/chat/js/ 0
0

POST
H2 204 collect
www.google-analytics.com/g/ 0
322 B 36ms
13ms Ping
text/plain 142.250.185.78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-W2XJHPRKL1&gtm=2oeak0&_p=148796464&sr=1600x1200&ul=en-us&cid=2113154248.1634994947&_s=1&dl=https%3A%2F%2Fcovidtripinsurance.com%2F&dt=Covid%20Trip%20Insurance%20Coverage%20for%20USA%20Residents%20-%20Covid%20Trip%20Insurance%20Coverage%20Covid%20Trip%20Insurance%20Coverage&sid=1634994946&sct=1&seg=0&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-W2XJHPRKL1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.185.78 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s48-in-f14.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://covidtripinsurance.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sat, 23 Oct 2021 13:15:46 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://covidtripinsurance.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

embed Show response
www.covidchecker.com/de/ Frame A923
Redirect Chain

https://www.covidchecker.com/embed
https://www.covidchecker.com/de/embed

9 KB
4 KB

83ms
60ms

Document
text/html

172.67.171.243
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.covidchecker.com/de/embed

Requested by

Host: covidtripinsurance.com
URL: https://covidtripinsurance.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.171.243 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b23f5c259e5be578185a8977071c631e0bf4720c89edc0998477b6a887882b2e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.covidchecker.com
:scheme: https
:path: /de/embed
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://covidtripinsurance.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://covidtripinsurance.com/

Response headers

date: Sat, 23 Oct 2021 13:15:47 GMT
content-type: text/html; charset=utf-8
cache-control: max-age=0, private, must-revalidate
cross-origin-window-policy: deny
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-download-options: noopen
x-permitted-cross-domain-policies: none
x-request-id: d10dbefc20a94a1c6104aec205b9899d
x-xss-protection: 1; mode=block
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WkambDgUD7BT%2FHMMqTc634b4AZWZgCKkzX9qOrOn%2B2XugxF3sZijU5y%2F4xMP6CdnFYXw%2BpW7gxvhxlQMhmptZCv5qtVAiYVSP1uopSOwLxJI3eGibLCzAuxAYAtcoELjT5LLWvro%2BA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6a2b3c73ebb3412b-PRG
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

date: Sat, 23 Oct 2021 13:15:47 GMT
content-type: text/html; charset=utf-8
cache-control: max-age=0, private, must-revalidate
cross-origin-window-policy: deny
location: /de/embed
x-content-type-options: nosniff
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-request-id: 706b7eebf20a20d8003fdeb86a4c1bee
x-xss-protection: 1; mode=block
strict-transport-security: max-age=15724800; includeSubDomains
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MVGrg4jtSd41%2B5nZCaTOdm2a5N9QYGJ5XeMfynqk9rztwWp5CGXtXiDeCT5z2Pi1zaVjrqnMoUSyJLloNEV9RkbPOQvfZoLeo5qondUUk7JkMbSoHsQ8Uk4BohIEVufl5XUlKbQzmQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6a2b3c735ba42788-PRG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET sharethis.js
w.sharethis.com/button/ 0
0

GET
H3 200 app-b924d58acb921906c318bfc2944b0810.css
www.covidchecker.com/css/ Frame A923 201 KB
35 KB 28ms
27ms Stylesheet
text/css 172.67.171.243
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.covidchecker.com/css/app-b924d58acb921906c318bfc2944b0810.css?vsn=d

Requested by

Host: www.covidchecker.com
URL: https://www.covidchecker.com/de/embed

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.171.243 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8c21eeee2d18ec9a6767463f72f0fab4b984f060324f8a3056b1ba6847f8b751

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.covidchecker.com/de/embed
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 23 Oct 2021 13:15:47 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2873642
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Fri, 25 Jun 2021 20:52:52 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15724800; includeSubDomains
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q8LqfPJa%2Bf1G9IXeNWOszmxL41jTmTHxfkrkzfCeIlJSF7jynBi4JhsGiRx5PEXSbl6cJy8c%2FfB8SxIkEDMyf1yox2ATf3MbFu7nd7m%2FzSRKE8rfrxEUjhPqd4VkMMJkkq1OhV1sYQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 6a2b3c747cd2412b-PRG
cf-bgj: minify

GET
H2 200 sitata-covid-map.js Show response
www.sitata.com/widgets/ Frame A923 2 KB
1 KB 53ms
22ms Script
application/javascript 172.67.201.252
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sitata.com/widgets/sitata-covid-map.js

Requested by

Host: www.covidchecker.com
URL: https://www.covidchecker.com/de/embed

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.201.252 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

04073918b7dcd912522951dbdced1b8f0a5fb2cf95cbbcd12e1f219ee24cc635

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.covidchecker.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 23 Oct 2021 13:15:47 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5980
cf-polished: origSize=1547
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-bgj: minify
server: cloudflare
etag: W/"15591CA"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15724800; includeSubDomains
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8qeCdd3zet5JxTIxXcgWmqj06kQ8F8zBn%2BMxO6WlDZyMlxaZDK6wgavN%2FFZQOjNMGdKqF2HufbA8yNucyvKT2qz4cxmW3ma3Npk3waTSgmEZy%2Bvt06tnGdxvlDWgsVmZ9A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=14400
cf-ray: 6a2b3c749860277c-PRG

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ Frame A923 89 KB
35 KB 29ms
15ms Script
application/javascript 172.217.23.104
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-32631831-1

Requested by

Host: www.covidchecker.com
URL: https://www.covidchecker.com/de/embed

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.23.104 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

fe71df634427ecbeefacf94935ea0e2d1aa2a52fd1c7e611ad0442245982d732

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.covidchecker.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 23 Oct 2021 13:15:47 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 35713
x-xss-protection: 0
last-modified: Sat, 23 Oct 2021 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 23 Oct 2021 13:15:47 GMT

GET
H3 200 modernizr-2a5f9bbe6b1cf87a4193e4a1e9dea96e.js Show response
www.covidchecker.com/js/ Frame A923 10 KB
5 KB 59ms
59ms Script
application/javascript 172.67.171.243
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.covidchecker.com/js/modernizr-2a5f9bbe6b1cf87a4193e4a1e9dea96e.js?vsn=d

Requested by

Host: www.covidchecker.com
URL: https://www.covidchecker.com/de/embed

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.171.243 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b1d80cf897293d61b1bb29cd0c9359b21bf2e9a73cc42fe8f29bc8e6c0c674cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.covidchecker.com/de/embed
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 23 Oct 2021 13:15:47 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1300403
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Wed, 22 Sep 2021 10:42:11 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15724800; includeSubDomains
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BLlgRWRo9oz9iQGSQ7YcHO0UzimLGQLciYJ%2Fw7aXPXkC1TdVD1MAAvSjvS68YlDXTtQKBElY3A6x1jeQDcS8aPugrmu9wPPD0ARDmuwd2LPT%2Fw2GrSC%2BhGwLgJQZrvTrHHdMvTqLVg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 6a2b3c747cd3412b-PRG
cf-bgj: minify

GET
H2 200 css2
fonts.googleapis.com/ Frame A923 8 KB
1 KB 37ms
16ms Stylesheet
text/css 172.217.16.138
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Open+Sans:wght@300;400;600&display=swap

Requested by

Host: www.covidchecker.com
URL: https://www.covidchecker.com/css/app-b924d58acb921906c318bfc2944b0810.css?vsn=d

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.138 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f138.1e100.net

Software

ESF /

Resource Hash

a0a7d844cc39d2851b739bdf457148f2039d20360fc31377ebb53ba030305a4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.covidchecker.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 23 Oct 2021 12:56:31 GMT
server: ESF
date: Sat, 23 Oct 2021 13:15:47 GMT
x-frame-options: SAMEORIGIN
report-to: {"group":"AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"}]}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only: same-origin; report-to="AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"
expires: Sat, 23 Oct 2021 13:15:47 GMT

GET
H2 200 rollbar.min.js Show response
cdnjs.cloudflare.com/ajax/libs/rollbar.js/2.3.1/ Frame A923 56 KB
16 KB 55ms
22ms Script
application/javascript 104.16.19.94
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/rollbar.js/2.3.1/rollbar.min.js

Requested by

Host: www.covidchecker.com
URL: https://www.covidchecker.com/de/embed

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.19.94 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

466372a3fa7834cc9fdb2c8286cc5fa7428cf37426bbf3fc565bc1370df3ba97

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.covidchecker.com/
Origin: https://www.covidchecker.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 23 Oct 2021 13:15:47 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 3251436
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 15626
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:16:01 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03fc1-df59"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FN2LaUs8mB5cScwfXmbS3wgiwHuB4AyGkO29MRxHoV59a%2Bv5FNEKGgUAova8ETmNuUIz4YIcFBL3hF8cF7VvTcnN5HkptRZ4NZSpGOfZaH5kyFfdZJ%2FHG3DD7q0qofilC9%2FvThJC"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6a2b3c75484a27b8-PRG
expires: Thu, 13 Oct 2022 13:15:47 GMT

GET
H3 200 sitata-covid-map.1.0.14.js Show response
www.sitata.com/widgets/ Frame A923 2 MB
475 KB 73ms
50ms Script
application/javascript 172.67.201.252
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sitata.com/widgets/sitata-covid-map.1.0.14.js

Requested by

Host: www.sitata.com
URL: https://www.sitata.com/widgets/sitata-covid-map.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.201.252 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

674b78b8388f09edf9e6565b7920a09b7f63253296dd0bfa8b3a29e9e6b47bdc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.covidchecker.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 23 Oct 2021 13:15:47 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5979
cf-polished: origSize=1573828
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-bgj: minify
server: cloudflare
etag: W/"A40A19"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15724800; includeSubDomains
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U3wUWCig8HyqofvU3ilVZh88rjog6jcDE6rw6TApMOZH8%2F67TO4d39%2BkKsBHInMyltTA9ed7CKexAqX%2BR%2BWSCaWHhg7fKL4Svy9o5yv5dJo3dAKw8ggddt9a4CsU09LP%2Fw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=14400
cf-ray: 6a2b3c7539792790-PRG

GET
H3 200 sitata-covid-map.1.0.14.css
www.sitata.com/widgets/ Frame A923 169 KB
31 KB 55ms
31ms Stylesheet
text/css 172.67.201.252
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sitata.com/widgets/sitata-covid-map.1.0.14.css

Requested by

Host: www.sitata.com
URL: https://www.sitata.com/widgets/sitata-covid-map.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.201.252 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2c59c73af83467377bb467f471f5b1a97661792c7a652b8d21ee281c64a01789

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.covidchecker.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 23 Oct 2021 13:15:47 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5979
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-bgj: minify
server: cloudflare
etag: W/"136DC9A"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15724800; includeSubDomains
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4V2d0%2FNEKfwfWorT%2Bahwq%2FYqTQC2AjeYhWoXPf4LzbISluY56jHe7IW2zNFgPBxB5FPXKbIi5gCifGIzvgN0s3q%2FH2dX%2BnBaja9luRu1M8rc3SbLm9lN1LOnxnU%2Bh5nbPQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=14400
cf-ray: 6a2b3c75397b2790-PRG

GET
H3 200 analytics.js Show response
www.google-analytics.com/ Frame A923 49 KB
19 KB 21ms
6ms Script
text/javascript 142.250.185.78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-32631831-1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.78 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

fc27aed7787a4f63d2feba50e6bc6122ac3c5479456d40c0a445899a08ad92f3

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.covidchecker.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 19 Oct 2021 16:47:48 GMT
server: Golfe2
age: 4513
date: Sat, 23 Oct 2021 12:00:34 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 19887
expires: Sat, 23 Oct 2021 14:00:34 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ Frame A923 96 KB
38 KB 29ms
29ms Script
application/javascript 172.217.23.104
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-1001553572&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-32631831-1

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.23.104 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

4fc9054a2ccab914f59dfad82e7b81f9f92121084f388c6b9c98847ec134befc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.covidchecker.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 23 Oct 2021 13:15:47 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 39253
x-xss-protection: 0
last-modified: Sat, 23 Oct 2021 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 23 Oct 2021 13:15:47 GMT

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ Frame A923 37 KB
15 KB 65ms
42ms Script
text/javascript 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-1001553572&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

0b52dc3851559db81b5517ed0d7f0ae732f1f758f09834c62d09c02189ca2155

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.covidchecker.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 23 Oct 2021 13:15:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 14435
x-xss-protection: 0
server: cafe
etag: 3499052782129861849
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sat, 23 Oct 2021 13:15:47 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/1001553572/ Frame A923 2 KB
2 KB 41ms
19ms Script
text/javascript 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1001553572/?random=1634994947501&cv=9&fst=1634994947501&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oaak0&sendb=1&ig=1&data=event%3Dgtag.config&frm=2&url=https%3A%2F%2Fwww.covidchecker.com%2Fde%2Fembed&ref=https%3A%2F%2Fcovidtripinsurance.com%2F&tiba=COVID-19%20Reiseversicherung%20und%20mehr%20f%C3%BCr%20sorgenfreies%20Reisen%20%7C%20Sitata&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

1bae48104ef2ddee6b1dae76f208584c399f5d33a2cca834d495b05a065fb53e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.covidchecker.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 23 Oct 2021 13:15:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 1079
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H3 204 check_public
www.sitata.com/api/v2/tokens/process/ Frame 0
0 79ms
59ms Preflight 172.67.201.252
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sitata.com/api/v2/tokens/process/check_public?token=2d811d19-a0ce-4bd8-b1d0-7404e9875831

Protocol

Server

172.67.201.252 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: authorization,content-type,sit-widget-referer
Origin: https://www.covidchecker.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Sat, 23 Oct 2021 13:15:47 GMT
access-control-allow-credentials: true
access-control-allow-headers: authorization,content-type,sit-widget-referer
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-origin: *
access-control-expose-headers: *
access-control-max-age: 1728000
cache-control: max-age=0, private, must-revalidate
x-request-id: 6dbee6c475dca634574842f8ff069c58
strict-transport-security: max-age=15724800; includeSubDomains
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uOXRYtWKA%2FCh3w3r%2Fmh2CkVPyppXZH4C4acXosr6Cp%2B4%2F9%2Bhtys8j%2F%2BgM7bPblyW8QNf72vLWQ6Y7aoykIE%2B3VVYidNLqj%2FGCvrknzPGoPUmh9J%2FH%2B7PKBbaC0IdqBFkag%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6a2b3c76df342784-PRG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

OPTIONS
H3 204 countries
www.sitata.com/api/v2/ Frame 0
0 88ms
69ms Preflight 172.67.201.252
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sitata.com/api/v2/countries?short=1

Protocol

Server

172.67.201.252 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: authorization,content-type,sit-widget-referer
Origin: https://www.covidchecker.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Sat, 23 Oct 2021 13:15:47 GMT
access-control-allow-credentials: true
access-control-allow-headers: authorization,content-type,sit-widget-referer
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-origin: *
access-control-expose-headers: *
access-control-max-age: 1728000
cache-control: max-age=0, private, must-revalidate
x-request-id: 3f715b82f43c4cb00c8f1538189e53d2
strict-transport-security: max-age=15724800; includeSubDomains
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lBzhvXVGyXMsyU9DcXeDQeLAzr6Z6Z46CRMPO2IDdLt9cFTcxJhzGtS8uLYZl7wYunuG%2BNbtbDGBsfBxS7d0KOM4aU9bJI5APy8wF5BrUFdDG9kz1AWNkr2Z1lzU7gYnNA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6a2b3c76df382784-PRG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

OPTIONS
H3 204 global_summary
www.sitata.com/api/v2/covid19/ Frame 0
0 95ms
75ms Preflight 172.67.201.252
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sitata.com/api/v2/covid19/global_summary

Protocol

Server

172.67.201.252 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: authorization,content-type,sit-widget-referer
Origin: https://www.covidchecker.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Sat, 23 Oct 2021 13:15:47 GMT
access-control-allow-credentials: true
access-control-allow-headers: authorization,content-type,sit-widget-referer
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-origin: *
access-control-expose-headers: *
access-control-max-age: 1728000
cache-control: max-age=0, private, must-revalidate
x-request-id: ebeb50712afa20826ac72241eb79ab45
strict-transport-security: max-age=15724800; includeSubDomains
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hgbFj3%2FF8JgV3XeT6RpwIDQsYcr%2FlLKO1d3GF21pf7bkic0cJ1jz898014xpJi9IxrfozF9UlL3HnOgIb0l9HxjGaeydK7mqVkzdRRSEBrnqOX8%2F%2FLz9PKa%2BI30RXB0pfw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6a2b3c76df392784-PRG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

OPTIONS
H3 204 global_summary
www.sitata.com/api/v2/entry_requirements/ Frame 0
0 74ms
55ms Preflight 172.67.201.252
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sitata.com/api/v2/entry_requirements/global_summary

Protocol

Server

172.67.201.252 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: authorization,content-type,sit-widget-referer
Origin: https://www.covidchecker.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Sat, 23 Oct 2021 13:15:47 GMT
access-control-allow-credentials: true
access-control-allow-headers: authorization,content-type,sit-widget-referer
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-origin: *
access-control-expose-headers: *
access-control-max-age: 1728000
cache-control: max-age=0, private, must-revalidate
x-request-id: 7a5c378cb4a5d35f9461905f30740d97
strict-transport-security: max-age=15724800; includeSubDomains
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uVJ2Zo5j2uQcHzaafpNNtjiO2ArUV17U8vHgNPnDaOGbqq3OYTNSmKUnbryLs7othmZGor144OOJk1CpI2zUdtsQ8QubssOCb0XLqHY0zT%2B23xjG1uDOnEUCTaeuGbJ0hQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6a2b3c76df3b2784-PRG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ Frame A923 89 KB
35 KB 15ms
14ms Script
application/javascript 172.217.23.104
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-32631831-7&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-32631831-1

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.23.104 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

d226519ae3e35d6da8dba3bc5b55efc264060d69434575d7e660fec62dff5c92

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.covidchecker.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 23 Oct 2021 13:15:47 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 35728
x-xss-protection: 0
last-modified: Sat, 23 Oct 2021 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 23 Oct 2021 13:15:47 GMT

POST
H3 200 check_public Show response
www.sitata.com/api/v2/tokens/process/ Frame A923 2 B
634 B 51ms
51ms Fetch
application/json 172.67.201.252
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sitata.com/api/v2/tokens/process/check_public?token=2d811d19-a0ce-4bd8-b1d0-7404e9875831

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/rollbar.js/2.3.1/rollbar.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.201.252 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Sit-Widget-Referer: https://covidtripinsurance.com/
Authorization: null
Referer: https://www.covidchecker.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: application/json

Response headers

date: Sat, 23 Oct 2021 13:15:47 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 2
x-request-id: 5829c3dbf0c2f2a2119a28afa886c78b
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15724800; includeSubDomains
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5TumzeXBO1BaiDeVoN77ZK0e%2B%2FwUBglpxLzX5dgAHVH7tRozAZFjBXCX5pHpHNR6ASGCllY7MnZi4NffdHNk8T64D6cbrKcfJg3E6OZOr8etcStV5mzbVuxJNyboKZ2XYw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
cf-ray: 6a2b3c773fc02784-PRG

GET
H3 200 countries Show response
www.sitata.com/api/v2/ Frame A923 545 KB
94 KB 359ms
358ms Fetch
application/json 172.67.201.252
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sitata.com/api/v2/countries?short=1

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/rollbar.js/2.3.1/rollbar.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.201.252 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5b9b75be5945a4ac744283f374477e739b80e9d97c1482e02d30be18396a8f35

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Sit-Widget-Referer: https://covidtripinsurance.com/
Authorization: PUB 2d811d19-a0ce-4bd8-b1d0-7404e9875831
Referer: https://www.covidchecker.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: application/json

Response headers

date: Sat, 23 Oct 2021 13:15:48 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-request-id: 558e6c61a6f14da5ce11d431d3aa691e
last-modified: Tue, 17 Aug 2021 17:13:41 GMT
server: cloudflare
etag: W/ d3bc826ac7b9a7527489d1adc210104e
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15724800; includeSubDomains
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=65v4UMD3ENis5igVtYujChGG3Gs3J1BRrYjhWit%2BMKymVFekYO%2Bv2MajX2sLJ7D26D6DlxJlbS5othuo0dXXfu4e%2BOQh8imZkUdx7xsI8DnwHzKkyKOOeeOhABipfRYpog%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
cf-ray: 6a2b3c774fd32784-PRG

GET
H3 200 global_summary Show response
www.sitata.com/api/v2/covid19/ Frame A923 742 KB
137 KB 266ms
265ms Fetch
application/json 172.67.201.252
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sitata.com/api/v2/covid19/global_summary

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/rollbar.js/2.3.1/rollbar.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.201.252 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1fefc1848802b1e43c1577257bf94b3e2457a4654759206c137271d98f214ccb

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Sit-Widget-Referer: https://covidtripinsurance.com/
Authorization: PUB 2d811d19-a0ce-4bd8-b1d0-7404e9875831
Referer: https://www.covidchecker.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: application/json

Response headers

date: Sat, 23 Oct 2021 13:15:47 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-request-id: 44d5b80ed185d48844c64e6b314b8e28
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15724800; includeSubDomains
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LhtCo%2FUFhKzrwOBgsizrIG8e7qZpXZwA5aoUALZ60PkpvyIc1rC5Crmbjy5FsnSjKc82umM5yb8O64c1LeMTXGWfr22bNkdAwyAqpg7LCV2R4SJkV8LaJEi1T01XrX8qSQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
cf-ray: 6a2b3c774fe22784-PRG

GET
H3 200 global_summary Show response
www.sitata.com/api/v2/entry_requirements/ Frame A923 719 KB
92 KB 1659ms
1659ms Fetch
application/json 172.67.201.252
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sitata.com/api/v2/entry_requirements/global_summary

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/rollbar.js/2.3.1/rollbar.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.201.252 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e862f94e4200b949299af76e56b55829d565de1bef7aa45fdc92d52a6e5fab91

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Sit-Widget-Referer: https://covidtripinsurance.com/
Authorization: PUB 2d811d19-a0ce-4bd8-b1d0-7404e9875831
Referer: https://www.covidchecker.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: application/json

Response headers

date: Sat, 23 Oct 2021 13:15:49 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-request-id: 59329363f85b8cd7dd50901bf84ee469
last-modified: Sat, 23 Oct 2021 09:46:16 GMT
server: cloudflare
etag: W/ 2aea67f9f201b2e0bec52d41a006b72e
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15724800; includeSubDomains
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CpIWuq6oFLyLaaPZPutQQoVm1TcVmiqUy9kYo%2BYB3egR8G6xmW42ImQ2cQJmzBjIFm%2B13RZRdRYq6DdAzozB44oWFiJZcdIX%2B9onxAMLSNMrtlyvcfgnI0uoVf1kSku9lg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
cf-ray: 6a2b3c772fb32784-PRG

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v26/ Frame A923 44 KB
44 KB 29ms
7ms Font
font/woff2 142.250.186.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v26/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Open+Sans:wght@300;400;600&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f3.1e100.net

Software

sffe /

Resource Hash

538dd4ff6e384a44155168326ac40a6c20a93cd212b1fbf88ae7b0c44f9ab0bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.covidchecker.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 21 Oct 2021 18:26:14 GMT
x-content-type-options: nosniff
age: 154173
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 44760
x-xss-protection: 0
last-modified: Thu, 23 Sep 2021 16:50:17 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Fri, 21 Oct 2022 18:26:14 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/1001553572/ Frame A923 42 B
519 B 59ms
24ms Image
image/gif 172.217.23.100
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/1001553572/?random=1634994947501&cv=9&fst=1634994000000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oaak0&sendb=1&data=event%3Dgtag.config&frm=2&url=https%3A%2F%2Fwww.covidchecker.com%2Fde%2Fembed&ref=https%3A%2F%2Fcovidtripinsurance.com%2F&tiba=COVID-19%20Reiseversicherung%20und%20mehr%20f%C3%BCr%20sorgenfreies%20Reisen%20%7C%20Sitata&async=1&fmt=3&is_vtc=1&random=1048512166&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: www.covidchecker.com
URL: https://www.covidchecker.com/de/embed

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.100 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.covidchecker.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 23 Oct 2021 13:15:47 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 new-sitata-logo-horiz-dark.png
www.sitata.com/images/ Frame A923 15 KB
16 KB 25ms
25ms Image
image/png 172.67.201.252
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.sitata.com/images/new-sitata-logo-horiz-dark.png

Requested by

Host: covidtripinsurance.com
URL: https://covidtripinsurance.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.201.252 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

339f11baa960be24997c8ad6c5b0863d9fc8c46ff45670f4c81de56d1f064aca

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.covidchecker.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 23 Oct 2021 13:15:47 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5975
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 15827
server: cloudflare
etag: "270B91"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15724800; includeSubDomains
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=95ylPLKx8asfOh1CaDgxYQquMrMXjZdGeinD5au%2FV7giIJUVUgksYwr3yOqaBszT%2BTfSDxB1E7rxWfWEUNz7v0oYX3Cg18I9groPCZuXJaJJKxtzLARzfHEZj1oglUJzGg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 6a2b3c779d6e2790-PRG

GET
H3 200 50m_world.topojson Show response
www.sitata.com/widgets/ Frame A923 3 MB
3 MB 65ms
65ms XHR
application/octet-stream 172.67.201.252
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sitata.com/widgets/50m_world.topojson

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/rollbar.js/2.3.1/rollbar.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.201.252 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d882b03aa492b45459e2c527e2637f48298e845bc7bf6e0aadb01eb9e5b3d372

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.covidchecker.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 23 Oct 2021 13:15:49 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"7C087B9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=99s1eHWK6pAIYEingxCxTo3%2FCuAm0E8E%2Blv%2BAtxbknX54RxSRv1zEFIJDt1FbQ26Mvz3eDH%2FTaI2nuB1I74Uwx3DTOZE8TLYb1ivTvrfSH2alKu8rsPZUNGPekT%2BSdqaVA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: public
strict-transport-security: max-age=15724800; includeSubDomains
cf-ray: 6a2b3c81d8402784-PRG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: officeofstrategicinfluence.com
URL: https://officeofstrategicinfluence.com/spam/icon.png

Domain: covidtripinsurance.com
URL: https://covidtripinsurance.com/404-page/

Domain: www.tripinsurancestore.com
URL: http://www.tripinsurancestore.com/chat/js/status_image.php?base_url=http://tripinsurancestore.com/chat&l=steve&x=1&deptid=3&

Domain: w.sharethis.com
URL: http://w.sharethis.com/button/sharethis.js

Verdicts & Comments Add Verdict or Comment

16 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

8 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.covidtripinsurance.com/	1970-01-20 15:41:06	Name: __utma Value: 70418050.1942696549.1634994947.1634994947.1634994947.1
.covidtripinsurance.com/	1969-12-31 23:59:59	Name: __utmc Value: 70418050
.covidtripinsurance.com/	1970-01-20 02:32:42	Name: __utmz Value: 70418050.1634994947.1.1.utmcsr=(direct)\|utmccn=(direct)\|utmcmd=(none)
.covidtripinsurance.com/	1970-01-19 22:09:55	Name: __utmt Value: 1
.covidtripinsurance.com/	1970-01-19 22:09:56	Name: __utmb Value: 70418050.1.10.1634994947
.covidtripinsurance.com/	1970-01-20 15:41:06	Name: _ga_W2XJHPRKL1 Value: GS1.1.1634994946.1.0.1634994946.0
.covidtripinsurance.com/	1970-01-20 15:41:06	Name: _ga Value: GA1.1.2113154248.1634994947
.doubleclick.net/	1970-01-19 22:09:55	Name: test_cookie Value: CheckForPermission

8 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	URL: https://covidtripinsurance.com/ Message: Mixed Content: The page at 'https://covidtripinsurance.com/' was loaded over HTTPS, but requested an insecure element 'http://officeofstrategicinfluence.com/spam/icon.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
javascript	warning	URL: https://covidtripinsurance.com/(Line 28) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://ssl.google-analytics.com/ga.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://covidtripinsurance.com/(Line 28) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://ssl.google-analytics.com/ga.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
security	error	URL: https://covidtripinsurance.com/ Message: Mixed Content: The page at 'https://covidtripinsurance.com/' was loaded over HTTPS, but requested an insecure script 'http://www.tripinsurancestore.com/chat/js/status_image.php?base_url=http://tripinsurancestore.com/chat&l=steve&x=1&deptid=3&'. This request has been blocked; the content must be served over HTTPS.
security	warning	URL: https://covidtripinsurance.com/ Message: Mixed Content: The page at 'https://covidtripinsurance.com/' was loaded over HTTPS, but requested an insecure element 'http://officeofstrategicinfluence.com/spam/icon.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	error	URL: https://covidtripinsurance.com/ Message: Mixed Content: The page at 'https://covidtripinsurance.com/' was loaded over HTTPS, but requested an insecure script 'http://w.sharethis.com/button/sharethis.js'. This request has been blocked; the content must be served over HTTPS.
network	error	URL: https://officeofstrategicinfluence.com/spam/icon.png Message: Failed to load resource: net::ERR_CONNECTION_CLOSED
network	error	URL: https://covidtripinsurance.com/404-page/ Message: Failed to load resource: net::ERR_TOO_MANY_REDIRECTS

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdnjs.cloudflare.com
covidtripinsurance.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
officeofstrategicinfluence.com
ssl.google-analytics.com
w.sharethis.com
www.covidchecker.com
www.google-analytics.com
www.google.com
www.googleadservices.com
www.googletagmanager.com
www.sitata.com
www.tripinsurancestore.com
covidtripinsurance.com
officeofstrategicinfluence.com
w.sharethis.com
www.tripinsurancestore.com
104.16.19.94
107.180.90.160
142.250.185.168
142.250.185.78
142.250.186.130
142.250.186.99
172.217.16.138
172.217.23.100
172.217.23.104
172.67.171.243
172.67.201.252
04073918b7dcd912522951dbdced1b8f0a5fb2cf95cbbcd12e1f219ee24cc635
0b52dc3851559db81b5517ed0d7f0ae732f1f758f09834c62d09c02189ca2155
0c5f584d1ea2c3313dc8c55824c2a572d3cf2eae87c5ca62a58e598aec9ddb5c
0d6bc2d503071d585440d17b7e571db9a518a0d7c9a2300a51300466ddf61d22
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
1bae48104ef2ddee6b1dae76f208584c399f5d33a2cca834d495b05a065fb53e
1fefc1848802b1e43c1577257bf94b3e2457a4654759206c137271d98f214ccb
2c59c73af83467377bb467f471f5b1a97661792c7a652b8d21ee281c64a01789
2cd9de3dd26246204749cff259bc34e8e6a47ae5d6e4528b9b28c75d68d50cde
339f11baa960be24997c8ad6c5b0863d9fc8c46ff45670f4c81de56d1f064aca
466372a3fa7834cc9fdb2c8286cc5fa7428cf37426bbf3fc565bc1370df3ba97
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
4fc9054a2ccab914f59dfad82e7b81f9f92121084f388c6b9c98847ec134befc
538dd4ff6e384a44155168326ac40a6c20a93cd212b1fbf88ae7b0c44f9ab0bd
5b9b75be5945a4ac744283f374477e739b80e9d97c1482e02d30be18396a8f35
674b78b8388f09edf9e6565b7920a09b7f63253296dd0bfa8b3a29e9e6b47bdc
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8a3025e947db937ea24d20d2b65a63f158e538d55c13ac40a739df4ca7c968c8
8c21eeee2d18ec9a6767463f72f0fab4b984f060324f8a3056b1ba6847f8b751
a0a7d844cc39d2851b739bdf457148f2039d20360fc31377ebb53ba030305a4b
ab56c639274731299ff532002a1cd568ab5f11e718747c1fd3669f66d54b7831
b1d80cf897293d61b1bb29cd0c9359b21bf2e9a73cc42fe8f29bc8e6c0c674cb
b23f5c259e5be578185a8977071c631e0bf4720c89edc0998477b6a887882b2e
ba207641c91222be8312e1136dd574af40be3efbb81e8e40c58d9b75c5c972ed
d226519ae3e35d6da8dba3bc5b55efc264060d69434575d7e660fec62dff5c92
d882b03aa492b45459e2c527e2637f48298e845bc7bf6e0aadb01eb9e5b3d372
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e862f94e4200b949299af76e56b55829d565de1bef7aa45fdc92d52a6e5fab91
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
fc27aed7787a4f63d2feba50e6bc6122ac3c5479456d40c0a445899a08ad92f3
fe71df634427ecbeefacf94935ea0e2d1aa2a52fd1c7e611ad0442245982d732

covidtripinsurance.com Open in urlscan Pro 107.180.90.160 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

39 Requests

90 %HTTPS

0 %IPv6

14 Domains

15 Subdomains

12 IPs

1 Countries

4665 kBTransfer

8086 kBSize

8 Cookies

11 Outgoing links

Redirected requests

39 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

covidtripinsurance.com Open in urlscan Pro
107.180.90.160 Public Scan

Screenshot
Live screenshot

Full Image

39
Requests

90 %
HTTPS

0 %
IPv6

14
Domains

15
Subdomains

12
IPs

1
Countries

4665 kB
Transfer

8086 kB
Size

8
Cookies

39 HTTP transactions
0 data transactions